The top 4 data breaches of 2022
2022 saw some of the biggest data breaches ever, with companies as big as Microsoft and even the Red Cross being affected by cybercriminals who were able to steal sensitive information from their systems. This was a major concern for many people, as it showed that no company was safe from these attacks.
1. Crypto.com Data Breach
Crypto.com is an online wallet that allows registered users to buy cryptocurrencies at their true cost and trade them within the Crypto.com network, almost like a traditional stock market. The network allows people to use their Crypto.com bank card to leverage their cryptocurrency investments to get the best exchange rates in real-time when they make payments using cryptocurrencies.
On 17 January 2022, Crypto.com learned that a small number of users had unauthorized crypto withdrawals on their accounts. Crypto.com promptly suspended withdrawals for all tokens to initiate an investigation and worked around the clock to address the issue. No customers experienced a loss of funds. In the majority of cases, Crypto.com was able to prevent unauthorized withdrawals, and in all other cases, customers were fully reimbursed. The incident affected 483 Crypto.com users.
How did Crypto.com Report the Problem?
As a first measure, Crypto.com migrated its network to a new 2-factor authentication system immediately. This is in line with our best practices, which include making immediate changes to multi-factor authentication systems when a breach or potential breach has been detected. They even upgraded their authentication system to include a mandatory 24-hour delay between registration of a new whitelisted withdrawal address and the first withdrawal.
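The 24-hour hold described above can be expressed as a small policy check. This is an added example, not Crypto.com's code; the class, method and address names are hypothetical, and only the 24-hour figure comes from the article.

```python
from __future__ import annotations

from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

HOLD = timedelta(hours=24)  # delay stated in the article


@dataclass
class WithdrawalAllowlist:
    """Hypothetical per-account allowlist; names are not Crypto.com's."""
    added_at: dict[str, datetime] = field(default_factory=dict)

    def register(self, address: str, now: datetime) -> None:
        # Re-submitting a known address keeps its original timestamp, so the
        # call can neither restart nor shorten an existing hold.
        self.added_at.setdefault(address, now)

    def remove(self, address: str) -> None:
        # Removing and re-adding an address starts a fresh 24-hour hold.
        self.added_at.pop(address, None)

    def check(self, address: str, now: datetime) -> tuple[bool, str]:
        """Return (allowed, reason) for a withdrawal request at time `now`."""
        added = self.added_at.get(address)
        if added is None:
            return False, "address is not whitelisted"
        if now < added:
            # Fail closed on clock skew instead of computing a negative age.
            return False, "registration time is in the future"
        remaining = HOLD - (now - added)
        if remaining > timedelta(0):
            return False, f"hold active for another {remaining}"
        return True, "ok"


if __name__ == "__main__":
    # Constructed timestamps and address labels, for illustration only.
    t0 = datetime(2022, 1, 18, 12, 0, tzinfo=timezone.utc)
    policy = WithdrawalAllowlist()
    policy.register("addr-new", t0)
    for hours in (1, 23, 24):
        print(hours, policy.check("addr-new", t0 + timedelta(hours=hours)))
```

The hold means that someone who gets past login and adds their own address still cannot withdraw to it for a day, which gives the account owner time to notice the new address and react.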
Worldwide Account Protection Program
As an additional security step, Crypto.com introduced the worldwide account protection program (APP), which offers additional security and protection to user funds that live within the Crypto.com App and the Crypto.com Exchange. APP is meant to safeguard user funds when an unauthorized third party accesses their account to withdraw funds. The APP will restore funds up to $250,000 for registered users as an added layer of protection.
2. Microsoft Azure Misconfiguration
In October 2022, Microsoft confirmed that it had mistakenly exposed thousands of customers’ information after a security breach that left an endpoint compromised, allowing for potential unauthenticated access to business transaction data. The leak was in the realm of B2B, leaving multiple corporate accounts exposed. The breach occurred due to the misconfiguration of the Azure Blob Storage endpoint.
The breach was identified on September 24, 2022, by SOCRadar, which coined the term BlueBleed to describe it. The company said that files from 2017 through August 2022 were left vulnerable, and it even released a search tool for third parties to check whether their data had been compromised.
Discussion surrounding the BlueBleed leak got pretty heated on the internet, with various companies criticizing Microsoft for being vague about what data was susceptible to being stolen. Microsoft reportedly didn’t want to disclose details of the breach, which directly contradicts what we advise when it comes to cybersecurity breach best practices. We say: the more transparency, the better.
Can Companies Rely on Cloud Service Providers?
We think yes. But only if you have the right cybersecurity strategy and infrastructure in place. Misconfigured cloud storage buckets can have massive repercussions as the BlueBleed leak shows. There are some best practices when it comes to using cloud service providers. Setting clear goals, working with a cybersecurity management team to monitor new challenges, consolidating applications, and focusing on one cloud solution at a time can help protect your organization from threats. While it may be tempting to try out a few solutions simultaneously to see what is the right fit, that can be playing with fire. Expert security teams should be able to help you determine the right solution for your cloud service needs.
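One way to catch this class of misconfiguration before it is found from outside is to audit a storage inventory for anonymous access. The following is an added example, not code from Microsoft or SOCRadar: the inventory is constructed, the account and container names are made up, and because the article does not say which setting was wrong in the BlueBleed case, the check covers the two settings that control anonymous reads on Azure Blob Storage (the account-level `allowBlobPublicAccess` flag and each container's `publicAccess` level).

```python
import json

# Constructed inventory (made-up names). Field names follow Azure's
# `allowBlobPublicAccess` account property and per-container `publicAccess`.
SAMPLE_INVENTORY = json.loads("""
[
  {"name": "exampleb2bdata", "allowBlobPublicAccess": true,
   "containers": [{"name": "invoices", "publicAccess": "container"},
                  {"name": "internal", "publicAccess": null}]},
  {"name": "examplelogs", "allowBlobPublicAccess": false,
   "containers": [{"name": "raw", "publicAccess": "blob"}]},
  {"name": "examplelegacy",
   "containers": [{"name": "docs", "publicAccess": "None"}]}
]
""")


def audit_public_access(accounts):
    """Return (severity, account, container, detail) tuples, worst first."""
    findings = []
    for acct in accounts:
        # Assumption: a missing account flag is treated as "permitted".
        account_allows = acct.get("allowBlobPublicAccess", True) is not False
        public = [(c["name"], str(c.get("publicAccess") or "none").lower())
                  for c in acct.get("containers", [])]
        public = [(n, lvl) for n, lvl in public if lvl != "none"]
        for name, level in public:
            if account_allows:
                what = "list and read" if level == "container" else "read by URL"
                findings.append(("HIGH", acct["name"], name,
                                 f"anonymous users can {what} blobs"))
            else:
                findings.append(("LOW", acct["name"], name,
                                 "stale public level, blocked by account setting"))
        if account_allows and not public:
            findings.append(("MEDIUM", acct["name"], None,
                             "account still permits public containers"))
    order = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}
    return sorted(findings, key=lambda f: order[f[0]])


if __name__ == "__main__":
    for finding in audit_public_access(SAMPLE_INVENTORY):
        print(*finding, sep=" | ")
```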
3. News Corp
As we saw with Crypto.com and Microsoft, News Corporation also fell prey to a cybersecurity breach. The company submitted a report to the Securities and Exchange Commission disclosing a hack that affected financial news organizations Dow Jones and News UK, which controls the Times of London and the Sun.
News Corp Affected Targets
After the breach, News Corp sent an email to its employees, explaining that specific branches of the organization had been targeted, including The Wall Street Journal and its parent Dow Jones, the New York Post, the company’s UK news operation, and News Corp headquarters.
Who Committed the News Corp Attack?
While we haven’t found any concrete evidence as to who is responsible for the News Corp attack, there is some speculation that the perpetrators were Chinese spies. Recently, China has been ramping up cyberattacks on US and European organizations, but confirming where the News Corp attack originated is proving difficult this year, despite advances in technology and cybersecurity. Regarding a cybersecurity strategy and framework, it is essential to remember that it is an ongoing process that needs constant testing and updating to remain viable.
4. International Committee of the Red Cross Attack
On 20 January 2022, the International Committee of the Red Cross (ICRC) appealed to hackers who had stolen private data, saying they would speak "directly and confidentially" to those responsible for the attack. The ICRC said its attackers used “considerable resources” to access its systems using tactics, techniques, and procedures that most detection tools could not have picked up. Among them were advanced hacking tools designed for offensive security that are known to be primarily used by advanced persistent threat (APT) groups with nation-state links, as well as sophisticated obfuscation techniques.
Nation-state cyberattacks are on the rise, and many experts believe these attacks will only become more common in the years to come. A recent report from the Center for Strategic and International Studies (CSIS) found that there were at least 198 separate incidents of nation-state cyberattacks between 2006 and 2016. These attacks can have various negative consequences, including loss of intellectual property, economic damage, and even loss of human life.
Develop a Cybersecurity Strategy
Fortunately, there are steps that businesses can take to protect themselves from nation-state cyberattacks. One important step is ensuring that your organization has a robust cybersecurity strategy. This includes implementing strong passwords, installing antivirus software, and training employees on how to spot potential phishing attacks.
Another important step is to partner with a trusted cybersecurity provider. Compuquip is one such provider that offers a wide range of cybersecurity solutions, including anti-virus software, firewalls, and intrusion detection systems. Compuquip has a long track record of providing reliable and effective cybersecurity solutions to businesses of all sizes.
Compuquip is here to help your organization develop and implement a robust cybersecurity strategy to stay ahead of data breach criminals.